Samsung: Mobile Payment System Safe Despite LoopPay Hack

Samsung Electronics is seeking to reassure customers that its mobile payment system is safe following a recently detected hack against LoopPay, a startup it acquired earlier this year and whose technology it has since integrated into its Samsung Pay mobile payment wallet.

On Wednesday, Samsung attempted to set the record straight about its mobile payment system by publishing a statement:

“The first thing to know is that Samsung Pay was not impacted and at no point was any personal payment information at risk,” the release reads. “This was an isolated incident that targeted the LoopPay office network, which is a physically separate network from Samsung Pay. The LoopPay incident was resolved and had nothing to do with Samsung Pay.”

The statement goes on to say that the intrusion affected three servers on LoopPay’s office network, which is separate from the production network that handles payment transactions under Samsung’s management.

These fears notwithstanding, if The New York Times is correct in reporting that the breach was indeed carried out by the Codoso Group, a Chinese hacker collective which is believed to be affiliated with the Chinese government and which has perpetrated attacks against major financial, defense, and other organizations in the past, the hack might not have exposed any user data.

As Ken Westin, a senior security analyst at Tripwire, told PCWorld, the group in this case would have likely targeted LoopPay’s code instead, possibly with the intent to collect information on individuals.